syncfusion-react-treemaps

MEDIUM W011: Third-party content exposure detected (indirect prompt injection risk).

• Third-party content exposure detected (high risk: 0.80). The skill's documentation explicitly shows runtime flows that fetch and bind external API data (e.g., references/data-binding.md "Remote Data Sources" uses fetch('https://api.example.com/sales') and references/drilldown.md "DynamicDrillDown" fetches child data from /api/children/{id}), meaning the component ingests untrusted third-party content which can drive drill-down, selection, and other behaviors.